AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
2min snip
The End of GraphQL with Matt Bessey
Software Engineering Daily
Access Requires Clear Boundaries
Zero trust principles can be applied to GraphQL access, emphasizing the need for strict controls on what users can do after accessing an endpoint. The airport analogy highlights that having a boarding pass (access to an endpoint) does not imply unrestricted access; it specifies the flight and seat assigned. In this context, while REST APIs may provide direct access similar to a private jet, they lack thorough security checks, risking unauthorized actions. Back-end developers must continuously evaluate who should have access to specific resources, as GraphQL may lead to overlooked access limitations.
00:00
Transcript
Episode notes
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode